Vulnerability Identifier: CVE-2008-1436; CVE-2009-0078; CVE-2009-0079; CVE-2009-0080
Risk: Important
Affected Software:
  • Microsoft Windows 2000 Service Pack 4
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 Service Pack 2
  • Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  • Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
  • Microsoft Windows Server 2003 x64 Edition
  • Microsoft Windows Server 2003 x64 Edition Service Pack 2
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows XP Professional x64 Edition Service Pack 2
  • Microsoft Windows XP Service Pack 2
  • Microsoft Windows XP Service Pack 3
  • Windows Server 2008 for 32-bit Systems
  • Windows Server 2008 for Itanium-based Systems
  • Windows Server 2008 for x64-based Systems
  • Windows Vista
  • Windows Vista Service Pack 1
  • Windows Vista x64 Edition
  • Windows Vista x64 Edition Service Pack 1
Description:

This update resolves the following vulnerabilities, which may cause elevation of privileges on the affected system:

The Windows Microsoft Distributed Transaction Coordinator (MSDTC) vulnerability exists in Windows platforms. The NetworkService token that is left by MSDTC transactions can be impersonated by any process that calls on the said token. When exploited successfully, it allows a remote attacker to take complete control of an affected system.

An attacker can exploit the vulnerability that exists in Windows Management Instrumentation (WMI) Service Isolation due to the improper way of isolating processes that run on NetworkService or LocalService accounts. The same vulnerability exists in the RPCSS service.When exploited successfully, both vulnerabilities may allow a remote attacker to take complete control of an affected system.

The incorrect placing of access control lists done by Windows on threads in the ThreadPool. When exploited successfully, both vulnerabilities may allow a remote attacker to take complete control of an affected system.


Patch Information:

For information on patches specific to the affected software, please proceed to this Microsoft Web page.


Workaround Fixes:

Several workarounds have been identified for the aforementioned vulnerabilities. Read more details on the implications and how to undo the suggested workarounds here.